Court Holds Geofence Warrant Unconstitutional
In the first order of its kind, a federal district court has held that a warrant used to identify all devices in the area of a bank robbery, including the defendant’s, “plainly violates the rights enshrined in [the Fourth] Amendment.” The court questioned whether similar warrants could ever be constitutional.
The case is United States v. Chatrie, and addresses a controversial tool called a geofence warrant. The police issued the warrant to Google seeking information on every device within the area of the robbery during a one-hour period. The geographic area was about 17.5 acres (about 3 and a half times the footprint of a New York city block) and included a church, a chain restaurant, a hotel, several apartments and residences, a senior living facility, a self-storage business, and two busy streets.
Google’s initial search identified 19 devices, with a total of 210 individual location points. Google assigned anonymizing identifiers to each device and provided their locations to the police. Following a three-step process designed by Google, the police expanded the time period to two hours to get additional location information for 9 of the devices. Ultimately, police obtained detailed, identifying subscriber information for three devices. One of those belonged to the defendant.
Mr. Chatrie filed a motion to suppress the geofence evidence, and, after several hearings and extensive expert testimony, the court issued a thorough, 63-page order holding the warrant was unconstitutional. The court held that it’s not enough for the police to allege that a crime was committed and the perpetrator used a cellphone. If the police want to get information on every device in the area, they must also establish probable cause to search every person in the area, something that’s likely impossible in a busy area like this one.
The court further held that Google’s three-step process did not cure the warrant’s defects. The initial anonymization of the data didn’t help because, as the court recognized, “[e]ven ‘anonymized’ location data—from innocent people—can reveal astonishing glimpses into individuals’ private lives when the Government collects data across even a one- or two-hour period.”
The second and third steps of the process, taken ostensibly to narrow the number of devices disclosed to police, couldn’t buttress the search either. They were “undertaken with no judicial review whatsoever” and “provided law enforcement unchecked discretion to seize more intrusive and personal data with each round of requests—without ever needing to return to a neutral and detached magistrate for approval.” There were no objective guardrails in the warrant or “any semblance of objective criteria to guide how officers would narrow the lists of users.” And even though Google (rather than the police) insisted on narrowing at the second step, the court held “Fourth Amendment protections should not be left in the hands of a private actor.”
Chatrie follows everal other courts that have also held geofence warrants to be unconstitutional, but in each of those cases, the judges were reviewing the warrant before a defendant had ever been charged. The Chatrie case is different because the warrant was approved by a magistrate, and the investigation ultimately resulted in the case brought against Mr. Chatrie. With the help of experienced defense attorneys and extensive testimony from Google and expert witnesses for both the defense and prosecution, the parties were able to create a robust factual record, which the court detailed in its order. This should prove extremely helpful for other defendants challenging similar geofence warrants in the future.
The facts established in the case confirmed much of what we already suspected—that Google has a voluminous, detailed, and searchable database of location information, which it collects from “numerous tens of millions” of its users. The data comes from a database Google calls “Sensorvault,” where it stores location data for one of its services called “Location History.” Google collects Location History data from different sources, including wifi connections, GPS and Bluetooth signals, and cellular networks. And it logs a device’s location, on average, every two minutes. This makes it much more precise than cell site location information and allows Google to estimate a device’s (and by extension, the device owner’s) location to within 20 meters or less.
This precision also allows Google to infer where a user has been, what they were doing at the time, and the path they took to get there. Google can even determine a user’s elevation and establish what floor of a building that user may have been on. As the court noted, “Location History appears to be the most sweeping, granular, and comprehensive tool—to a significant degree—when it comes to collecting and storing location data.”
However, the fact witnesses also showed that, despite this claimed precision, the data may not be all that accurate. It may place a device inside the geofenced area that was, in fact hundreds of feet away and vice versa. This creates the possibility of both false positives and false negatives—people could be implicated for the robbery when they were nowhere near the bank, or the actual perpetrator might not show up at all in the data Google provides to police.
Unfortunately for Mr. Chatrie, despite the court’s determination that the warrant was plainly unconstitutional, the court nevertheless refused to suppress the evidence. The court held that the officer acted in good faith on what he thought was a valid warrant. This is a frustrating outcome that lets the police off the hook in this case. However, the court’s order makes clear that this can’t happen again in the future. The police are now on notice that geofence warrants are, by default, unconstitutional, and there are very few—if any—scenarios in which they could satisfy the Fourth Amendment.
This piece was originally featured on Eff.org under the title, Federal Court in Virginia Holds Geofence Warrant Violates Constitution